cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to Access the portal keystore using java code

Former Member

on ‎09-11-2008 2:21 PM

0 Kudos

Hello,

I've exchanged certificates with a third party portal and I am now interested in sending it a message digest and a signature using PKI approach implemented through Java APIs.

in PKI the signature is generated from the public key in the keystore.

Where on the filesystem can I find SAP's keystore that holds the portal's public key and how can I access it using java code (not via Visual Admin)?

I have already read [this post|; but it doesn't really answer my question.

Rgds,

Roy

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member4529
Active Contributor
‎12-03-2008 9:44 AM
0 Kudos

Hi Roy,

I'm also searching for the APIs available in SAP Netweaver to access Keystore so that I can exchange certificates with another application. Can you please point me to the correct APIs? Also I like to know the DCs I need to add as dependencies (Used DC) to access those APIs.

Thanks in advance,

Dipankar

Show replies
Show replies
Former Member
‎12-03-2008 9:51 AM
0 Kudos

Hi Dipankar,

Unfortunately SAP does not have any documentation for this API but luckily all you need is to retrieve the keystore object from the JNDI registry and once you got it, it is plain Java API which is documented.

Here is a sample from the code I am using now and is working.


InitialContext ctx = new InitialContext();
KeystoreManager manager = (KeystoreManager) ctx.lookup("keystore");
KeyStore keyStore = manager.getKeystore(<the view name you want to retrieve>);

// Now let's get a certificate from that view...
Certificate cert = keyStore.getCertificate(<certID>);

Make sure that your application has got authorisations to access this view.

You can control that access in the Key Storage service on VA -> Security -> and grant your code access to the relevant View.

You will need these DCs: IAIKSecurity and com.sap.security.api.

Hope it helps,

Roy

Edited by: Roy Cohen on Dec 3, 2008 11:52 AM

former_member4529
Active Contributor
‎12-03-2008 10:07 AM
0 Kudos

Hi Roy,

Thanks for the quick reply. I'm trying to use the same API you mentioned. But I'm facing the problem that KeystoreManager in the statement KeystoreManager manager = (KeystoreManager) ctx.lookup("keystore"); is not getting resolved due to missing import.

As you mentioned I can't find any DC as com.sap.security.api but there is a DC available as com.sap.security.api.sda which I've added in Used DC. Also I've added IAIKSecurity as well, as Used DC from SAP-JEE SC. I'm using Local Development in Netweaver 7.0 SP11. Can you please help?

Thanks,

Dipankar

Former Member
‎12-03-2008 10:12 AM
0 Kudos

Hi,

What don't you use jar locator then?

KeystoreManager in either of these locations:

plugins\com.sap.tc.ap_2.0.0\comp\SAP-JEE\DCs\sap.com\com.sap.engine.client.lib\_comp\gen\default\public\default\lib\java\sapj2eeclient.jar

\plugins\com.sap.tc.ap_2.0.0\comp\SAP-JEE\DCs\sap.com\com.sap.engine.deploy.online\_comp\gen\default\public\default\lib\java\sapj2eenginedeploy.jar

\plugins\com.sap.tc.ap_2.0.0\comp\SAP-JEE\DCs\sap.com\keystore_api\_comp\gen\default\public\default\lib\java\keystore_api.jar

Or, take keystore_api.jar from the server and use it.

Roy

Edited by: Roy Cohen on Dec 3, 2008 12:13 PM

former_member4529
Active Contributor
‎12-04-2008 7:01 AM
0 Kudos

Hi Roy,

Thanks a lot for your help! Now we can successfully build the project. But I also need to save a new certificate in the Keystore using the APIs. Is it possible? If so how? I can't find any createCertificate() method on the Keystore object.

I'll really appreciate your help!

Thanks,

Dipankar

Former Member
‎12-04-2008 9:33 AM
0 Kudos

Hi Dipankar,

That wasn't part of my to do list so you'll have to dig the API yourself...

Rgds,

Roy

Former Member
‎09-12-2008 4:08 PM
0 Kudos

Anyone...?

Show replies
Show replies
Former Member
‎09-12-2008 8:52 PM
0 Kudos

Not Sure buddy if this helps

Regards

Pankaj Prasoon

Former Member
‎09-12-2008 10:07 PM
0 Kudos

Nope doesn't help, this deals with certificate import problem, I'm past that stage. We've exchanged certificates successfully now I want to send the other side a message. How do I get the public key to encrypt it?

Ask a Question